package com.weblog.article.interceptor;

import enums.ExceptionEnum;
import exception.MyException;
import io.jsonwebtoken.Claims;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import util.JwtUtil;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.List;

@Component
public class JwtInterceptor implements HandlerInterceptor {

    @Autowired
    private JwtUtil jwtUtil;

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        //无论如何都放行，具体能不能操作还是要具体的操作中判断
        //拦截器只是负责把有请求头中包含token的令牌进行一个解析认证
        String header = request.getHeader("Authorization");
        if (header != null && !"".equals(header)) {
            //如果包含有Authorization头信息，就进行解析
            if (header.startsWith("Bearer")) {
                String token = header.substring(7);
                try {
                    Claims claims = jwtUtil.parseJWT(token);
                        List<String> roles = (List<String>) claims.get("roles");
                    boolean flag=false;
                    if (roles != null) {
                        if (roles.size() > 1) {
                            //是管理员

                            for (String role : roles) {
                                if ("role_superadmin".equals(role)) {
                                    //是超级管理员
                                    flag = true;
                                    request.setAttribute("id_A",claims.getId());
                                    request.setAttribute("roles_A",roles);
                                    request.setAttribute("claims_superAadmin_A", token);

                                }
                            }
                            if (!flag) {
                                //普通管理员
                                request.setAttribute("claims_admin_A", token);
                                request.setAttribute("id_A",claims.getId());
                                request.setAttribute("roles_A",roles);
                            }
                        }else {
                            //普通用户或普通管理员
                            if("role_admin_common".equals(roles.get(0))){
                                //尚未分配角色的管理员，只可以查看
                                request.setAttribute("claims_admin_A", token);
                                request.setAttribute("id_A",claims.getId());
                                request.setAttribute("roles_A",roles);
                            }else {
                                //普通用户
                                request.setAttribute("id_A",claims.getId());
                                request.setAttribute("roles_A",roles);
                                request.setAttribute("claims_common_A", token);
                            }
                        }
                    }
                } catch (MyException e) {
                    e.printStackTrace();
                    throw new MyException(ExceptionEnum.TOKEN_OUTED);
                }
            }

        }
        return true;
    }
}
